As ever-increasing amounts of electronic data are generated by both individuals and businesses, there is a need for vast storage systems that can hold this data. The current trend is to store data in third-party storage systems, in what is often referred to as the cloud. Cloud storage is a subcategory of cloud computing. Cloud computing systems offer users access to not only storage, but also processing power and computer applications installed in a remote network.
There are hundreds of different cloud storage systems. Some have a very specific focus, such as storing e-mail messages or digital pictures. Others are available to store all forms of digital data. Cloud computing provides cost-effective storage services. Individuals and businesses only pay for the storage they actually use. Another advantage is that businesses reduce their IT costs since they do not need to install physical storage devices in their own locations.
Although cloud computing provides cost-effective storage services, it is a third-party service. When data is stored at a cloud storage provider, the security of both stored data and data in transit is a concern. There is a need to achieve and maintain confidentiality and integrity of the data. One approach is to encrypt the data. Encrypted file systems (EFS) can be used to encrypt the user's data within the cloud. An encrypted file system encrypts the user's data and creates and manages the keys used for data encryption and decryption. A drawback of this approach is that the data can be accessed and even modified if another party obtains the keys used for data encryption and decryption.
Another approach is disclosed in a master's thesis titled “A Trusted Storage System For The Cloud” by Sushama Karumanchi, dated Jan. 1, 2010. In this approach, a number of protocols are developed to ensure that the user's data is stored on trusted storage servers, and replicated only on trusted servers. In particular, a trusted third party node is maintained by a trusted third party and does not belong to the cloud. The trusted third party node is an integral entity of the trusted storage system. The trusted third party node checks each node/storage server in the cloud for correctness of platform and attests to it. After attestation by the trusted third party node, a node is deemed trusted and can then store the user's data within itself. Although this approach is effective, not all users who want to store data at a remote data storage facility may have access to a trusted storage system.